You can translate the question and the replies:

Oauth 2.0 authentication in web services - Introspection

Hi Team, We are trying to use this authentication method in my published web services, but I need some more information than in the link: INTROSPECTION Is this method as secure as JWT? Is used frequently by clients? What should be the content of the json data source? Is the identity manager internal to Denodo or should be programmed apart of it?
06-08-2019 10:35:49 -0400

1 Answer

Hi, The goal of both the JWT and Introspection Oauth 2.0 validation modes are to read an access token. You need to select the validation mode that the identity server of your organization supports. To configure OAuth 2.0 with Validation mode as Use introspection you could follow the below steps, * Create a JSON data source, this data source will send an HTTP POST request to the identity manager by interpolating the access token such that the identity manager checks the validity of the access token sent by the client. * In OAuth 2.0 configuration, Check enable OAuth 2.0 authentication for web services, select validation mode as Use introspection, specify your Database and JSON data source and provide the access token’s interpolation variable of your HTTP URL in Access token interpolated variable. Once you are done with OAuth configuration changes, restart the Denodo server and Publish the REST web service with OAuth2.0 authentication. You could refer to section [Introspection]( of Virtual DataPort Administration Guide for more information on configuring introspect validation mode. Hope this helps!
Denodo Team
08-08-2019 02:33:09 -0400
You must sign in to add an answer. If you do not have an account, you can register here